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Claims 1 - 26 (Cancelled) 

27. (New) A firewall device for inspecting packets transmitted over a network 
comprising: 

a) a firewall core connected to each of a plurality of communication 
interfaces and executing at least one inspection module wherein each at 
least one inspection module is software code configured to carry out an 
operation of providing protocol information for a particular protocol to 
said firewall core; and 

b) a new inspection module inserted into an operating memory of said firewall 
core during operation of said firewall core wherein said new inspection 
module is software code configured to carry out an operation of providing 
protocol information for a particular protocol to said firewall core. 

28. (New) The firewall device of claim 27, wherein said firewall core is configured to 
monitor said operating memory for said new inspection module. 

29. (New) The firewall device of claim 27, wherein each said at least one inspection 
module and said new inspection module each further comprise a plurality of callback 
functions, said plurality of callback functions communicated to said firewall core and 
providing communication between said firewall core and said at least one inspection 
module. 
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30. (New) The firewall device of claim 27, wherein each said at least one inspection 
module and new inspection module are each further configured to indicate to said 
firewall core for which protocol for data packets said inspection module is configured to 
provide inspection. 

31. (New) The firewall device of claim 27, wherein each data packet intercepted by 
said firewall core further includes session information comprising address and port data, 
said firewall core further configured to map said session information for each said data 
packet to one of said at least one inspection modules and said new inspection module. 

32. (New) A firewall core in a firewall system that inspects data packets transmitted 
over a network comprising: 

a communication unit wherein said communication unit is operatively 
coupled to each one of a plurality of communication interfaces connected to said 
network; 

a set of callback functions, retrieved from each of at least one inspection 
modules loaded into a memory of said firewall core, each of said set of callback functions 
provide communication between said firewall core and one of said at least one 
inspection modules and wherein each said at least one inspection module is software 
code configured to carry out the operation of providing protocol information and to 
inspect data packets of a particular protocol; and 

wherein said firewall core monitors said memory to determine when a new 
inspection module is loaded into said memory. 



3 



Docket No.: CISCO- 1935 

33. (New) The firewall core of claim 32, wherein said communication unit is further 
configured to intercept network data communicated via each of said plurality of 
communication interfaces. 

34. (New) The firewall core of claim 32, further comprising a session mapping unit, 
said data packets intercepted by said firewall core further including session information 
comprising address and port data, said session mapping unit further configured to map 
said session information to a corresponding one of said at least one inspection modules 
providing inspection for said protocol of said packet into a session mapping and store 
said session mapping into said session mapping unit. 

35. (New) The firewall core of claim 34, wherein said communication unit is further 
configured to communicate a packet between said communication interfaces and one of 
said at least one inspection modules. 

36. (New) An inspection module for a firewall device comprising software code 
stored in a memory of a firewall core that inspects packets transmitted over a network in 
a protocol, said inspection module comprising: 

an inspection unit configured to inspect and authorize data packets; 

a function table including a set of callback functions wherein said set if 
callback functions provides communication between said firewall core and said 
inspection module; and 

wherein said inspection module is loaded into said memory monitored by 
said firewall core during operation of said firewall device. 
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37. (New) The inspection module of claim 36, wherein said inspection module is 
further configured to indicate to said firewall core for said protocol for data packets to 
be inspected by said inspection module. 

38. (New) The inspection module of claim 36, where in said inspection unit is further 
configured to receive and inspect packets communicated from the firewall core to said 
inspection module. 

39. (New) A method for providing an inspection module for inspecting data packets 
of a particular protocol to a firewall system during runtime comprising: 

loading an inspection module into a memory monitored by a firewall core 
during operation of said firewall system wherein said inspection module comprises 
software code for an application providing inspections of packets in said particular 
code; 

notifying the firewall core of said inspection module in said memory; and 
communicating said set of callback functions from said inspection module 
to said firewall core. 

40. (New) The method of claim 39, further comprising enabling said inspection 
module, prior to communicating said set of callback function to said firewall core. 

41. (New) The method of claim 39 further comprising inspecting of packets of said 
particular protocol by said inspection module, said packets communicated from the 
firewall core to said inspection module. 



5 



Docket No.: CISCO-1935 

42. (New) The method of claim 39 wherein said step of notifying the firewall core 
comprises: 

transmitting a signal to the firewall core to indicate the installation of said 
inspection module. 

43. (New) A program storage device readable by a machine, tangibly embodying a 
program of instructions executable by the machine to perform a method for adding 
protocol knowledge to a firewall system during runtime comprising, said firewall system 
including a firewall core, said method comprising: 

loading an inspection module into a memory monitored by said firewall 
core during operation of said firewall system wherein said inspection module comprises 
software code executable to inspect a data packet of a particular protocol and to 
provide protocol information for said particular protocol to said firewall core; 

notifying the firewall core said inspection module is loaded into said 
memory responsive to said loading; and 

communicating a set of callback functions from said inspection module to 
said firewall core. 

44. (New) The program storage device of claim 43, said method further comprising: 

enabling said inspection module prior to communicating said set of 
callback functions to said firewall core. 

45. (New) The program storage device of claim 43, said method further comprising: 

inspecting of packets by said inspection module, said packets 
communicated from the firewall core to said inspection module. 



6 



Docket No.: CISCO-1935 

46. (New) The program storage device of claim 39, wherein said step of notifying the 
firewall core comprises: 

transmitting a signal to the firewall core to indicate the loading of said 
inspection module. 

47. (New) The program storage device of claim 39, said method further comprising: 

indicating by said inspection module said particular protocol of data 
packets that said inspection module inspects. 
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